<?php
require_once("inc.member.php");

$this_title=__("Login Stockist");
$page_title=__("Login Stockist");

$new_plan=mysql_fetch_assoc(mysql_query("select id from $db->stockist_access where udate='0000-00-00' and uid=".$uid));
if($new_plan['id']<=0){
	$errmsg=__("No permission to access!");
}

if($errmsg){
 $errmsg="<h2>$page_title</h2>".format_err($errmsg);

 print format_member_page($errmsg, $this_title, $content_title);
 exit();
}

$td_width=180;

//#####EDIT STOCKIST ACCESS POST#####
if($_POST["__req"]){
 //#####ERROR CHECK#####
 $chk_arr="password";
 $chk_arrr=explode(",", $chk_arr);
 foreach($post_s as $f=>$v){
  if(in_array($f, $chk_arrr)){
   $data[$f]=$v;
  }
 }
 $errmsg=verify_form_data("edit_stockist_access", $data);
 if(!$errmsg){
  //check user id
  if(strlen($post_s['password'])){
   if(!$r_access=@mysql_fetch_assoc(mysql_query("select * from $db->stockist_access where password='$post_d[password]' and udate='0000-00-00' and uid=".$uid))){
    $errmsg.=format_err(__("Invalid password."))."<br />\n";
   }
  }	
 }
 //#####END ERROR CHECK#####

 //#####UPDATE TO DB#####
 if(!$errmsg){  
   $forward_url=$return_url? $return_url : MEMBER_URL."/".$vars["file"]["member"]["select_stockist"];
   $forward_url.='?id='.$r_access['id'];
   header("Location: $forward_url");
 }

 $msg=$msg? format_msg($msg) : "";
 //$errmsg=$errmsg? format_err(__("There is some error(s), please correct them before continuing:")."<br />\n<br />\n$errmsg") : "";
}
//#####END STOCKIST ACCESS POST#####

$form_fields=array("id"=>"","password"=>"");
foreach($form_fields as $field => $default){
 $db_fieldname=preg_match('/^_/', $field)? substr($field, 1) : $field;
 $dis[$field]=(!$post_s["__req"]? (nhtmlentities($r_access[$db_fieldname])) : $post_h[$field]);
}

$manage_user=($errmsg || $msg? $errmsg.$msg : "").
"<form name='aj_form' method='post' action='$this_file'></form>
<form name='user_form' method='post' action='$this_file?$_SERVER[QUERY_STRING]'>
<input type='hidden' name='__req' value='1' />
<input type='hidden' name='back_url' value=\"$back_url\" />
<table class='amt_table' width='80%'>
 <tr class='amt_header'>
  <td colspan='2'></td>
 </tr>
 <tr>
  <td width='$td_width'>".__("Password").__(":")." ".__("*")."</td>
  <td><input type='password' name='password' value='' $inputbox_style /></td>
 </tr>
 <tr>
  <td colspan='2' class='center' style='padding:20px 0 20px 0;'>
   <input type='submit' name='submit_btn' value=\"".__("Login Stockist")."\" />
  </td>
</table>
</form>
$c_jvscript";

$content="<h2>$page_title</h2>$manage_user";

print format_member_page($content, $this_title, $content_title, $css.$jvscript);
?>